crowdstrike/ioc Dashboards
Domain overview
Widget | Description | Type |
---|---|---|
IOC geolocation | Location of client IP addresses present in IOC. Note: location of client IP does not always correlate with actual physical location of user or system. | World Map |
Threat types | Pie chart showing breakdown of threat types (linked to client IP) | Pie Chart |
Threat relationships | Links client IP IOC labels to the different values of each label | Sankey |
Actors | Pie chart showing breakdown of threat actors (linked to client IP) | Pie Chart |
Kill chains | Pie chart showing breakdown of kill chain values (linked to client IP) | Pie Chart |
All threat details | Detailed information of all threats found in client IPs | Table |
Malware | Pie chart showing breakdown of malware types (linked to client IP) | Pie Chart |
note-1624965575450 | # All Details The table below shows details of all the threats found, irrespective of the threshold filter applied. Click on the various aspects of these results to drill down into the raw events. | Note |
IP overview
Widget | Description | Type |
---|---|---|
IOC geolocation | Location of client IP addresses present in IOC. Note: location of client IP does not always correlate with actual physical location of user or system. | World Map |
Threat types | Pie chart showing breakdown of threat types (linked to client IP) | Pie Chart |
Threat relationships | Links client IP IOC labels to the different values of each label | Sankey |
Actors | Pie chart showing breakdown of threat actors (linked to client IP) | Pie Chart |
Kill chains | Pie chart showing breakdown of kill chain values (linked to client IP) | Pie Chart |
All threat details | Detailed information of all threats found in client IPs | Table |
Malware | Pie chart showing breakdown of malware types (linked to client IP) | Pie Chart |
note-1624965575450 | # All Details The table below shows details of all the threats found, irrespective of the threshold filter applied. Click on the various aspects of these results to drill down into the raw events. | Note |
Overview
Widget | Description | Type |
---|---|---|
Threat attributes | | Sankey |
Threat severity over time | Displays threat severity over time using URL, IP address, and domain. | Time Chart |
Threats by confidence | Displays a list of threats by confidence level based on URLs, IP addresses, and domains. | Pie Chart |
Guide | Please use these dashboards as inspiration on building your own security insights. To get started, edit the queries in the widget to insert the right field names you want to look up IOC matches on. | Note |
URL overview
Widget | Description | Type |
---|---|---|
IOC geolocation | Location of client IP addresses present in IOC. Note: location of client IP does not always correlate with actual physical location of user or system. | World Map |
Threat types | Pie chart showing breakdown of threat types (linked to client IP) | Pie Chart |
Threat relationships | Links client IP IOC labels to the different values of each label | Sankey |
Actors | Pie chart showing breakdown of threat actors (linked to client IP) | Pie Chart |
Kill chains | Pie chart showing breakdown of kill chain values (linked to client IP) | Pie Chart |
All threat details | Detailed information of all threats found in client IPs | Table |
Malware | Pie chart showing breakdown of malware types (linked to client IP) | Pie Chart |
note-1624965575450 | # All Details The table below shows details of all the threats found, irrespective of the threshold filter applied. Click on the various aspects of these results to drill down into the raw events. | Note |